How to Avoid Computer Viruses – Part 1

Note: This is the first in a 2 part series on how to avoid computer viruses and malware.  Read the second part here.

 

 

The Best Way to Avoid Computer Viruses

Forget antivirus software – use this simple technique below to avoid computer viruses before they ever infect your computer. The best way to avoid viruses is to know which website and email links are dangerous, and not to click on them.  Below are the steps to make virus protection simple.

 

Step 1: Hover Over the Link in Question

Hold the mouse over the link and don’t click on it.  You will see the website link you are about to click on, either at the bottom of the screen or in a popup next to the mouse.

Step 2: Look at the Domain

Here is the big secret of looking at website links: ignore the http:// part, and look at the two words before the first slash.

For example, look at the link http://www.google.com/search?q=look+for+stuff. The two words before the first slash are google.com.  This tells you you’re going to Google.  Now look at the image to the right.  The mouse is hovered over the link that claims to be http://www.BankOfAmerica.com, but the popup shows the actual site to be: http://www.bankofamerica.com.hack.com/ThisIsAHackedWebsite/YouAreNowInfected.htm.  If you look at the two words before the first slash, you will see it is actually going to hack.com.  You don’t trust hack.com, so you don’t click the link.

The simple steps highlighted above are crucial for virus protection. Follow these two steps whenever you are clicking on a link from an unexpected email or mistrusted website, and you will take a huge step toward never getting a virus again.

International Note: This trick works if you are in the US, where most domains end in .com.  If you are in, for instance, the UK, where domains end in .co.uk, then look for the 3 words before the first slash.
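The two steps above can be automated. The following is an added example, not part of the original article: it pulls out the "words before the first slash" from a link, handles the .co.uk case from the international note, and compares what a link claims to be with where it actually goes. The suffix set is a short constructed sample (a real checker would load the full Public Suffix List), and the function names are hypothetical.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample of two-word endings such as .co.uk. A production
# checker would load the full Public Suffix List instead of this short set.
MULTI_LABEL_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "com.au", "co.nz", "co.jp"}


def hostname_of(link: str) -> str:
    """Return the lower-cased host of a link: no scheme, port, credentials or path."""
    text = link.strip()
    if "://" not in text:
        text = "http://" + text  # allow bare "www.example.com/page" text
    host = urlsplit(text).hostname or ""
    return host.rstrip(".")


def registrable_domain(link: str) -> str:
    """The part of the host that identifies who owns the site."""
    host = hostname_of(link)
    try:
        ipaddress.ip_address(host)
        return host  # a raw IP address has no "last two words"; report it whole
    except ValueError:
        pass
    labels = host.split(".")
    # Three words for endings like .co.uk, otherwise two words.
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def check_link(shown_text: str, actual_href: str) -> dict:
    """Compare the address a link displays with the address it points to."""
    shown = registrable_domain(shown_text)
    actual = registrable_domain(actual_href)
    return {"shown": shown, "actual": actual, "mismatch": shown != actual}


if __name__ == "__main__":
    # The example link from the article: claims Bank of America, goes elsewhere.
    result = check_link(
        "http://www.BankOfAmerica.com",
        "http://www.bankofamerica.com.hack.com/ThisIsAHackedWebsite/YouAreNowInfected.htm",
    )
    print(result)
```

`check_link` is meant for link text that itself looks like an address, as in the article's example; for text such as "Click here" only `registrable_domain` of the real target is meaningful.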

5 Steps to Avoid Credit Card Breaches

The Problem With Credit Card Breaches

As it turns out, credit card security is not something the tech industry has completely figured out. We have all heard about the stolen data and credit card numbers at Target, Neiman Marcus, and most recently Home Depot.  Credit card breaches affected over 70 million customers.

What is less well known is how this breach actually happened.  The answer: spyware caused the data breaches. In fact, the same malware caused both the Target and Home Depot breaches.

Most people think of viruses and malware these days as just causing popups and slowing down computers.  But they can do anything.  In this case, malware programs such as Backoff, BlackPOS, and Kaptoxa are designed to steal credit card data.  Computers infected with this malware read the credit cards as they’re being swiped and send the customer’s info to the malware owners. These people then sell it on the black market. This leads directly to huge amounts of credit card fraud.

Malware is responsible for data and credit card breaches. Small businesses are just as susceptible to this problem as large businesses. If your business swipes credit cards, take steps to protect your customers and your reputation.

Small businesses are also susceptible to credit card fraud

Don’t think that hackers are specifically targeting the Targets of the world because they get a bigger payoff.  It costs them nothing to infect small businesses, so they do.  In fact, the Secret Service is reporting that more than 1,000 American businesses were infected by the same malware that got Target, and that report was released a month ago.  Given the typical growth patterns for viruses, I’m sure you can imagine what that number is today.

So if you accept credit cards from your customers, consider yourself a target and take steps to protect yourself.

5 steps you can take to help secure your company from similar data breaches

  1. Protect Against Malware

    These days, there are so many ways to infect a computer. You need a multi-layered approach to malware protection.  First, start with endpoint protection.  This should include antivirus and anti-spyware software on all computers.  Second, protect your entire network by using a content filter that scans all traffic in and out of the network for malware.

  2. Isolate Financial Computers

    Ideally, Point of Sale computers will never need to get onto the general internet.  They will need to contact your credit card company, your PoS software company, and that’s it.  If this is the case, you can create special firewall rules that block all traffic from PoS computers that isn’t going to one of those two destinations.  That way, even if your PoS computers do get infected, they can’t phone home with the stolen credit card data.

  3. Network Security Best Practices

    No matter what business you are in, your company should be following general network security best practices.  Your IT support provider should be doing regular checks to ensure all of your computers, remote computers, networking equipment, and public-facing services are configured optimally for security.  (And they should be doing this as part of their service, even if you aren’t asking for it.)

  4. Upgrade PoS devices

    Magnetic strips on credit cards have inherent security flaws.  Anyone can read a magnetic strip, save that data, and sell it on the black market.  And anyone who buys that data can create fake credit cards.  Credit card fraud is widespread, but the credit card industry is moving quickly to put smart chips in all credit cards.  These chips have their own security flaws, but one of the big advantages is that they are very difficult to duplicate.  So even if thieves steal the data from the cards, it won’t do the thieves any good because they can’t use it. As of October 2015, the credit card industry has mandated that all businesses must upgrade their PoS machines and card swipes.  Do this sooner rather than later to protect your customers.  As an added incentive, if you haven’t upgraded and someone’s card data is stolen from you, the credit card industry will place all of the liability on you for not upgrading.

  5. Get a PCI-DSS Audit

    Hire a company to come in and perform an audit to make sure you are PCI compliant.  (PCI-DSS stands for Payment Card Industry Data Security Standard.)  They will go through your setup and make sure you are compliant with a minimum set of security standards and that you are handling customers’ data securely.  But this is a minimum standard; both Target and Home Depot were PCI compliant.  Think of this audit as table stakes to play the credit card game, not as a panacea to fix all security problems.
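Step 2 above, as an added example that is not part of the original article: a default-deny outbound policy for PoS computers, checked against firewall flow records to show which connections the rules would block. The PoS subnet, the two allowed destinations and the log format are assumptions made for illustration, and the flow records are constructed sample data.

```python
import ipaddress
from typing import NamedTuple


class Rule(NamedTuple):
    dest: ipaddress.IPv4Network
    port: int
    label: str


# Assumed addressing (documentation ranges), not taken from any real network.
POS_NET = ipaddress.ip_network("10.20.30.0/24")  # VLAN holding the PoS computers
ALLOW = [
    Rule(ipaddress.ip_network("198.51.100.10/32"), 443, "credit card company"),
    Rule(ipaddress.ip_network("203.0.113.25/32"), 443, "PoS software company"),
]

# Constructed flow records: timestamp, source, destination, destination port.
FLOWS = """\
2014-09-20T10:15:02 10.20.30.11 198.51.100.10 443
2014-09-20T10:15:09 10.20.30.11 203.0.113.25 443
2014-09-20T10:16:40 10.20.30.12 192.0.2.77 80
2014-09-20T10:17:03 10.20.30.12 198.51.100.10 21
2014-09-20T10:18:21 10.20.40.5 192.0.2.77 443
"""


def evaluate(src: str, dst: str, port: int) -> str:
    """Apply the policy: PoS hosts may reach only the two listed destinations."""
    if ipaddress.ip_address(src) not in POS_NET:
        return "out-of-scope"  # not a PoS computer; other rules apply
    dest = ipaddress.ip_address(dst)
    for rule in ALLOW:
        if dest in rule.dest and port == rule.port:
            return "allow"
    return "deny"  # default deny: everything else from a PoS host is blocked


def audit(log_text: str) -> list:
    """Return the PoS flows the policy blocks; each one deserves a look."""
    denied = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[3].isdigit():
            continue  # skip malformed lines
        ts, src, dst, port = parts[0], parts[1], parts[2], int(parts[3])
        if evaluate(src, dst, port) == "deny":
            denied.append((ts, src, dst, port))
    return denied


if __name__ == "__main__":
    for flow in audit(FLOWS):
        print("BLOCKED", *flow)
```

A blocked flow from a PoS computer is worth investigating in its own right, since under this policy those machines have no legitimate reason to contact anything else.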

Credit card security is an issue your company must address. For help securing your network to minimize any risk of you being the next Target, please give us a call. We would be happy to discuss how Strive Technology Consulting can help you avoid credit card breaches within your company.

Bad Microsoft Updates Causing Blue Screen Crashes

Microsoft releases updates to fix bugs once a month.  Last week, they released a lot of updates, 3 of which are causing computers to crash and blue screen after a reboot.  Microsoft references three of these updates with their support article ID numbers. The numbers are KB2982791, KB2976897, and KB2970228.

If your computers are set to use automatic updates, they may have already installed them.  It is an intermittent problem, so you may not have seen it cause problems yet.  See articles here and here for more information and a description of the problem.

If you are one of our Managed Services customers and you’ve installed our management software on your computers, you don’t have to worry about this. You will not be receiving these updates.  If not, please follow the instructions below to uninstall these updates.

Finally, if you are already experiencing this problem and your computer won’t turn on, have your IT provider boot the computer with an external “boot CD.” Then delete the C:\Windows\System32\FNTCACHE.DAT file.  That should allow the computer to boot, after which you can remove these updates.

Please contact us if you:

  • Do not have an IT provider
  • Need help removing these updates
  • Would like to hear about our Managed Services program, which will keep you from having problems like this.

Step by step instructions on how to uninstall an update

1.  Go into your Control Panel and open Programs and Features

2. Click “View installed updates”

Your computer will show you which updates are installed, rather than which software programs.

 

3. Type one of the three article numbers into the search box

The article numbers are KB2982791, KB2976897, and KB2970228.  You will see that the article ID in the example image below does not match one of these.  I have not installed these updates on my computer, so I cannot give you true example screenshots of what it will look like.  In place of these article IDs, I used “KB2826003,” which is a benign Office update.  Ignore the number in the image and replace it with each of the three above.

 

4. Make sure the article ID you searched for is in the title of the update.

Highlight that update, and click the Uninstall button.  Follow the wizard and accept all prompts.

 

 

 

21 Ways to Avoid Identity Theft

We have all heard the news about a billion passwords being stolen by Russian hackers, and Target exposing millions of customer credit cards.  I invited Peggy Altschuler of LegalShield as a guest author for this month’s article to help clear up what identity theft is, what we can do about it, and how we can protect ourselves.


Think you’re not at risk?  Think again!

Identity theft is the world’s largest white collar crime

It has even surpassed drug trafficking by trade.  All day, every day, identities are being bought and sold on the black market non-stop.  According to the FTC, one in two will be affected with one of the six types of identity theft in the next twelve months.

What are the six types of identity theft, you ask?

 

  • Financial
  • Medical
  • Criminal
  • Social Security
  • Driver’s License
  • Synthetic

Unfortunately, most people have a misconception that identity theft is all financial.  Countless times individuals have told me, “Let them steal my identity, my credit stinks,” or “An identity thief wouldn’t want mine. I don’t have any money.”  When that occurs, I ask them for a few minutes of their time to explain the six different types of identity theft and how it could affect their life.  The nightmare can go on for years.

Are you aware that social security numbers can be purchased for as low as $15.00?  Did you know that identity “packages” are available that include driver’s licenses, marriage certificates, fake diplomas, etc.?  Unfortunately, technology has so far surpassed the security of it that identity theft is out of control.

People often ask me how they can prevent identity theft from happening to them.  Unfortunately, we cannot prevent it.  All we can do is take proactive steps to make us less susceptible to being the next victim.  The real key is what identity theft protection measures you have in place when it happens to you.

What to look for in identity protection

When looking for protection, make sure that your plan includes full restoration.  This simply means that a professional is working on your behalf to restore it back to the way it was originally, no matter how long it takes.  With the most expensive part of identity theft being the time spent to recover, this is the number one thing to look for in an identity theft protection program.

Everyone is vulnerable, young and old alike.  Even the deceased have their information being used.   Education is key.  Know what can happen to you and put a plan in place to help you manage it not if, but when it happens to you and your family.

As far as things you can do to help protect yourself and your family, follow this list of suggestions below.

Top 21 Ways to Avoid Identity Theft

  1. Subscribe to a reputable credit monitoring company that not only monitors your credit on an ongoing, 24 hour, 7 day/week basis, but also provides RESTORATION (not resolution or reimbursement) and attorney access when you are a victim.
  2. Cross-cut shred all junk mail/documents with personal information on them before throwing them away.
  3. Mail all outgoing mail from a secure location such as an official United States Post Office box.
  4. Never give your personal information out to anyone unless you initiate the contact.  Be aware of phishing, smishing, and pharming.
  5. When making online purchases, make sure that you are on a secure website.  It will have an “s” after the http (i.e., https://).  Use a separate credit card with a low limit for online purchases.  Using your debit card gives easier access to your bank account where your daily living expense money is more readily available.
  6. Copy the contents of your purse/wallet and keep in a safe place.
  7. Don’t just sign the back of your credit cards.  Specify “Photo ID Required” or “Please see ID” with your signature.
  8. Never carry your social security card in your wallet/purse and have your social security number removed from your driver’s license.
  9. Check your bank and credit card statements regularly.
  10. Keep your blank checks in a secure location.  When ordering new checks, have them mailed to your bank (not your home).  Use your first and middle initials with your last name and your cell phone number vs. your home phone.  Don’t carry your checkbook unless you know you will need it that day.
  11. When writing checks, use a felt tip marker or gel pen.  Do not use a ballpoint pen.  Ballpoint pen ink can easily be “washed”.
  12. Ladies, hold onto your purse while shopping.  Never leave it in the cart unattended.
  13. Take your trash to the curb the morning of, not the night before.  At the curb, it becomes public property.
  14. When doing anything financial online be sure to use a secure online connection in lieu of wireless (in public places).
  15. Opt out of credit card offers at 1-888-5-OPTOUT or online at http://www.optoutprescreen.com.  This won’t stop all offers completely, but will definitely slow them down.
  16. Keep your computer firewall and virus protection updated.
  17. Use at least 8 digit passwords with a combination of letters and numbers on your accounts.
  18. Make it a household rule that the first family member home gets the mail.
  19. If you opt to freeze your credit, then understand that it makes it very difficult for you to make large purchases, open accounts, etc.  You have some choices as to the length of time you choose (90 days – long term).
  20. If your credit card has an RFID chip in it, then be sure to carry it in a security sleeve (you can find these at travel stores) or wrap in foil.
  21. Make your credit/debit card company and financial institution aware if you plan to travel.

If you would like to speak with Peggy about identity theft protection and insurance, contact her at 720-280-1068 and visit her website at http://www.peggyalt.com.

5 Ways to Keep Your Computer Running Fast

“Why is my computer so slow?”  How many times have we asked ourselves that?  It is widely considered an unfortunate fact of life that computers will slow down and eventually die, like an old person, or a battery running out of juice at the end of its life.  But I am here with happy news: it doesn’t have to be that way! Keep your computer running fast with the following tips.

Happy News: Computers don’t have to slow down!

 

5 ways to keep your computer running fast

  1. Reboot your computer

    It’s such a common answer that it has become comical.  Users wonder why helpdesk people always tell them to reboot.  Helpdesk people wonder why users never reboot, even though they’re always telling them to.  Here’s the secret: Rebooting is the miracle cure for Windows woes.  As you may have realized by now, Microsoft software is not always the most stable, best written software imaginable.  You turn on programs and turn them off, open and close files, make changes, undo, redo, etc.  All of the normal things that people do lead to A LOT of processing on the back end.  Sometimes, the people who write the software don’t always clean up after themselves like they should.  Sometimes bugs creep in and get worse as time goes on.  But 90% of all speed problems can be fixed by rebooting.*  It’s like giving your computer a fresh start.  Have you ever performed a task that had so many working pieces you lost track of where you were and had to start from scratch just to do anything at all?  Computers feel that way, too, sometimes.  Reboot once a week or more to keep your computer running fast.

  2. Delete Temporary Files

    As programs go about their business, they generate a lot of data that they only need for a few minutes.  They store this data in temporary files they are supposed to delete later… but often don’t.  People can have hundreds or thousands of these files that are taking up space and slowing down the computer.  So, do yourself a favor to keep a clean computer: every few months, delete all of these temp files immediately after you turn your computer on.  These temp folders are typically stored in 3 locations: C:\temp and C:\Windows\Temp are the easy ones.  The third one is different depending on what version of Windows you’re using and your username.  The easy way to get to it is to click Start (or Start > Run if you prefer) and type in %temp%.  That’s a percent sign, the word “temp” and another percent sign.  This will take you right to the third folder.  Unless you are specifically saving things here (and don’t do that), deleting everything is generally safe.

  3. Delete Internet Cache

    Your web browser knows 3 things about speed: 1) Most webpages don’t change very often; 2) You go to the same pages over and over; 3) Retrieving data from your own computer is far faster than downloading it over the internet.  Combine all of these things, and you get “caching.”  The webpages you browse the most probably don’t change much and you can see them quicker if they are saved on your computer.  So your browser downloads the websites you go to and stores them on your computer.  This is called “cache,” or “browsing history,” or “temporary internet files.”  But your computer is a glutton, and doesn’t know when to stop.  So it downloads EVERYTHING you see, not just the important stuff.  And then it has to scan everything it has downloaded before getting it from the internet.  If you don’t clear your internet cache occasionally, web browsing will be slower and slower.  All browsers have a way of clearing this cache in their settings.  Do this once a week for a clean computer.

  4. Disable Startup Items

    Most computers that come from manufacturers like Dell and HP have dozens of programs that run behind your back when you turn the computer on.  Most people never use any of these programs, so they are needlessly taking up your computer’s resources.  And the more software you install, the more things get scheduled to run when you turn your computer on.  Remember, you want to keep your computer running fast! Disabling unnecessary startup items can boost your computer’s speed a great deal.  There are many tools out there that can help you do this.  But be careful with this tip, because sometimes you do want things running on startup.  I have generally found it safe to download Autoruns from Microsoft’s website and uncheck everything in the “Logon” tab.  But this is best done with a professional, or someone who knows what all of the startup items really do.

  5. Get a Good Antivirus Program

    The surest way to make your computer slow down is to get a virus or malware.  Everyone knows to have an antivirus program on their computer, but there’s a rub.  All AV programs can look through your computer and find viruses that are already on there.  The tricky part is catching the viruses before they infect you.  Most programs do this by hooking deeply into the operating system, watching everything that happens on the computer, and then approving/disapproving it.  This can really slow down a computer, and some antivirus programs slow your computer down much more than others.  In my experience Norton’s products cause far more problems than they solve, slowing down computers in particular.  So absolutely get a good antivirus product, as well as a good anti-malware product, but look at reviews or ask your IT company which ones they recommend for minimizing user interference.

That’s it.  If you do these 5 things regularly, you’ll keep your computer running fast forever and you will be more productive. No more asking yourself, “why is my computer so slow?”

One last thing: notice I didn’t say, “Defrag your hard drive and delete your cookies.”  I don’t know where this myth came from, but it’s thoroughly unhelpful.  Your computer will have 1000 times as much data saved in internet cache as in cookies.*  And defragmenting your hard drive could be helpful, but it’s more of a last resort for speeding up your PC.  And it’s done automatically these days.  Stick to these 5 and your computing life will be far happier.

 

 

* I completely made up these statistics, so don’t quote me on them.  But they paint the right picture, so believe them.  🙂

 

4 Ways to Increase Your Wireless Internet Speed

What Happened To My Fast Internet?

We’ve all had that problem: you sit down, motivated for the day and ready to get everything done…. and you can’t connect to the internet.  The wifi is broken again. Everyone has problems with wireless internet speed, both at home and at work. Typical fixes include: “wait for it to get better,” or “reboot the stupid thing again.”  Here, we present 4 things you can do to make your wireless network better so this won’t be a problem in your life.

1.  Don’t Use Wifi

That’s right, we said it.  Don’t use wifi!  True, this is a bit of a strange suggestion, given the focus of this article, but hear us out (and then move on to more pertinent tips).  What we will be discussing below are all the problems with wireless internet speed and how to get around them.  But the fact remains: wifi has a lot of problems. Interference, technology limitations, encryption keys, the list goes on and on.

Wired connections have none of these problems.  In terms of a fast internet connection, plugging your computer in to a network with a cable is better in every way, except portability.  Wired connections are faster, more secure, more stable, and less likely to give you problems than a wifi connection by an order of magnitude.  The only downside is you are limited to where you can move and you have a cable sticking out of your laptop.  But you probably have a power cable and mouse cable sticking out of your laptop already, so one more isn’t a big deal.  Plus, how often do you really browse the web while walking your laptop around the office?

2. Place Your Equipment Properly

Where you put your wireless router or access point can greatly affect how well you can connect to it.  Have you ever noticed your cell phone always cuts out in the same spot in your house?  That’s probably because the signal can’t get from the tower to your phone any longer because of what’s in the way.  The same thing happens to wifi.  If your wireless router or access point is sitting in a cement room with 3 foot thick walls, it is pretty obvious that the signal won’t get out very well.  Keep the following guidelines, provided by Cisco, in mind when anticipating how far your signal will go through different building materials:

  • Paper and vinyl walls have very little effect on signal penetration.
  • Solid and pre-cast concrete walls limit signal penetration to one or two walls without degrading coverage.
  • Concrete and wood block walls limit signal penetration to three or four walls.
  • A signal can penetrate five or six walls constructed of drywall or wood.
  • A thick metal wall causes signals to reflect off, causing poor penetration.
  • A chain link fence or wire mesh spaced between 1 and 1 1/2 in. (2.5 and 3.8 cm) acts as a harmonic reflector that blocks a 2.4-GHz radio signal.

Also, avoid placing your wireless equipment next to windows, filing cabinets, HVAC ducts, and other metal surfaces, as they can bounce the signal in unexpected ways.  And keep it away from devices that cause interference (see below), regardless of the material.  The higher you can place your wireless router, the better the internet speed.  Definitely place it above furniture level; on the ceiling is great.  Finally, position the antenna vertically for best signal strength.

3. Avoid Interference

The biggest problem with internet speed is when other wireless signals get in the way.  If you are in an office building with 15 other companies within wireless range of you, then your wireless device is competing with at least 15 other devices, all trying to send data over the same spectrum.  But wireless manufacturers know this is how life is, so they do a good job at designing their products to work in crowded environments like that.  The more difficult problem is other non-wifi devices that are using the same spectrum.  Most wifi uses the 2.4 GHz spectrum range.  So do baby monitors.  So do cordless phones.  Here is a list of some common non-wifi devices that can all interfere with your wireless internet speed and access:

  • Microwave ovens
  • Cordless phones
  • Bluetooth devices
  • Wireless video cameras
  • Outdoor microwave links
  • Wireless game controllers
  • Zigbee devices
  • Fluorescent lights
  • WiMAX
  • Baby monitors

So, what can you do to avoid all of these problems with wifi speed?  First, have a wireless policy for your office.  Tell your employees they can have video game consoles in their office, but they cannot have wireless controllers.  Encourage people to avoid using Bluetooth when alternatives exist.

Next, carefully consider proper device placement for your networking equipment.  In addition to the tips given above, don’t put your wireless equipment next to the microwave in the kitchen, or on top of a fluorescent light in the ceiling.

When setting up your wireless network, choose your channels carefully.  Look to see what your neighbors are using for wifi channels, and choose one that is used less.  Channels 1, 6, and 11 are best.

Finally, use the 5 GHz spectrum for wireless communication.  Most wireless these days, as well as much of the interference, is on the 2.4 GHz band.  Newer wireless devices can offer the same wireless service on a different spectrum, 5 GHz, which has much less traffic, interference, and noise.  As more people realize this trick, they will move there as well so it will only work for so long.  But even if everyone moves there, it will still have less interference from other non-wifi devices.

4. Buy the Right Equipment

You can go down to your local Radio Shack or Best Buy and pick up a wireless router for $60.  If it works for your home, it should work for your business, right?  Wrong.  Anyone who has read our article on buying a new PC will recognize the flaw in this logic.  Manufacturers tend to build products with two different markets in mind: home and business.  The equipment they produce for the business market tends to be very stable, high end, is expected to work all the time in varied conditions, and is more expensive.

The equipment they produce for the home market is less expensive, but is typically built with lower quality components, has fewer features, and they know that it doesn’t need to work 100% of the time because it’s just some dude at home using it and he can reboot it regularly or go replace it for another $60 in a year if it breaks.

One of the biggest problems businesses have with wifi speed is that they are using home class devices.  In order to have wireless available, stable, and running optimally all the time, businesses need to invest in a business class wireless network.  Business devices will communicate with each other better than home devices, allowing fast internet from one end of the office to the other without losing connection.

Many people try to solve their wireless problems by putting a wifi device in every room; this is a bad idea.  This can lead to more interference, even if they are all part of the same network.  Business class wifi devices will coordinate with each other how strong of a signal they need to broadcast to cover all areas, thus creating less interference.

Next, get a device that can handle 2.4 GHz and 5 GHz.   As we saw above, 5 GHz is a more open spectrum with fewer devices on it and less interference.  But not all computers, tablets, phones, etc. can access 5 GHz, so you will still need to provide 2.4 GHz access.  Find a device that can do both of these simultaneously, as some claim they can do both but cannot actually do both at the same time.

Finally, know the difference between a wireless router and a wireless access point.  An access point provides wireless access to an existing network.  This is what most businesses will want in most situations.  A router creates a new network, segregating people on it from all other network traffic.  These are more common at retail stores and will cause communication problems between computers if you put this on your network.

Questions?

Have questions about your wireless internet speed now and aren’t sure what to do?  Does fast internet seem like an unachievable dream to you at this point? Please ask any questions in the comments section below; we would be happy to answer.

 

 

Security Alert: Many Secure Websites Found Vulnerable

On April 7th, the computer security community had its hair set on fire with an announcement of a new website security vulnerability called the Heartbleed bug.

This is not a technical article, but the broad strokes are important to understand.  Secure websites are protected by a technology called SSL.  Nearly 18% of the websites out there are (or were) running a version of SSL that contained a bug.  This bug allowed attackers to decrypt any information passed to or from the website.  So, for instance, if you were doing online banking with a company that was susceptible to this, if someone could watch or capture your website traffic, they could then decrypt that traffic and read what they wanted.  This may include usernames, passwords, bank account numbers and any other information that you read from, or passed to, that server.  This vulnerability popped up over 2 years ago, so it has been “in the wild” for long enough to be a strong concern.

The total number of websites affected by this bug is estimated at about half a million, including Yahoo!, OK Cupid, Dropbox, Flickr, Twitter, Tumblr, and Regents bank.

Technical details: The Heartbleed bug affects OpenSSL versions 1.0.1 through 1.0.1f and was introduced in December 2011.  The vulnerability was introduced with the inclusion of a heartbeat extension. If exploited, the bug will leak a random 64KB chunk of memory from the server.  It can be run multiple times, eventually finding the SSL private key, a.k.a. the keys to the cryptographic kingdom.  This is a non-intrusive exploit, so there is no way to detect whether a server has been compromised or not. Go to http://heartbleed.com for a detailed analysis and thorough FAQ.
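The technical details above come down to one missing length check: a heartbeat message states its own payload length in a 16-bit field (hence the 64KB ceiling), and the affected versions trusted that number instead of comparing it with the data actually received. The sketch below is an added example, not OpenSSL's code and not from the original article; it follows the RFC 6520 message layout, and the function names and sample records are constructed for illustration.

```python
import struct

HEARTBEAT_RECORD = 24  # TLS record content type assigned to heartbeat
HEADER_LEN = 5         # record header: type (1) + version (2) + length (2)
MIN_PADDING = 16       # RFC 6520 requires at least 16 bytes of padding


def sample_record(claimed_len: int, payload: bytes, padding: int = MIN_PADDING) -> bytes:
    """Constructed test input: a heartbeat request wrapped in a TLS 1.2 record."""
    message = struct.pack("!BH", 1, claimed_len) + payload + b"\x00" * padding
    return struct.pack("!BHH", HEARTBEAT_RECORD, 0x0303, len(message)) + message


def inspect_heartbeat(record: bytes) -> dict:
    """Apply the bounds checks a receiver must make before answering."""
    if len(record) < HEADER_LEN:
        return {"accept": False, "reason": "truncated record header"}
    ctype, _version, length = struct.unpack("!BHH", record[:HEADER_LEN])
    if ctype != HEARTBEAT_RECORD:
        return {"accept": False, "reason": "not a heartbeat record"}
    message = record[HEADER_LEN:]
    if len(message) != length:
        return {"accept": False, "reason": "record length does not match data"}
    # Smallest legal message: type (1) + payload_length (2) + padding (16).
    if length < 1 + 2 + MIN_PADDING:
        return {"accept": False, "reason": "message too short"}
    _hb_type, claimed = struct.unpack("!BH", message[:3])
    carried = length - 3 - MIN_PADDING  # most payload this record can hold
    if claimed > carried:
        # An unchecked receiver would copy `claimed` bytes starting at the
        # payload; everything past the end of the message is other memory.
        overread = max(0, claimed - (length - 3))
        return {"accept": False, "reason": "claimed payload exceeds record",
                "claimed": claimed, "carried": carried, "overread": overread}
    return {"accept": True, "reason": "well-formed",
            "claimed": claimed, "carried": carried}


if __name__ == "__main__":
    for name, rec in [
        ("honest", sample_record(4, b"ping")),
        ("over-claiming", sample_record(0x4000, b"ping")),
        ("maximum claim", sample_record(0xFFFF, b"")),
    ]:
        print(name, inspect_heartbeat(rec))
```

The check is silent rejection of any message whose claimed length does not fit inside the record it arrived in, which is what RFC 6520 requires of a receiver.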

Does this affect my company’s website?

If your website does not offer encryption, then you do not need to worry.  Put another way, if you cannot get to your website by putting “HTTPS://” in front, then you do not need to worry.  If you do offer encryption of your website, then beware.  Here are the steps you need to take to protect your website security:

  1. Test your website.  Go here for a free test. It will grade your SSL security, and tell you if your site is vulnerable to the Heartbleed bug.
  2. If you find your site does have this vulnerability, fix it immediately!  If your website is hosted by a major company, call them and demand they fix it.  The bottom of this page has a list of web server vendors and their instructions on how to fix the problem.
  3. Once fixed, generate new encryption keys and revoke your old ones.  Update your website so you are only using the new keys.  Do this whether you think you’re safe or not.
  4. Alert your users and request or force them to change their passwords on your site.  Alert them of the risk to personally identifiable information.
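For administrators who can log in to the server, the affected range given in the technical details (OpenSSL 1.0.1 through 1.0.1f) can also be checked against the output of `openssl version` on each machine. The sketch below is an added example, not part of the original article; the host names and banners are constructed sample data and the function names are made up for the illustration.

```python
import re
import ssl

# Matches the version token in `openssl version` output, for example
# "OpenSSL 1.0.1e 11 Feb 2013" or "OpenSSL 1.0.1e-fips 11 Feb 2013".
_BANNER = re.compile(r"OpenSSL\s+(\d+)\.(\d+)\.(\d+)([a-z]?)(-(?:beta|pre)\w*)?")


def heartbleed_status(banner):
    """Classify a version banner against the article's range, 1.0.1 through 1.0.1f."""
    m = _BANNER.search(banner)
    if m is None:
        return "unrecognized"        # not an OpenSSL banner (another TLS library, or garbage)
    major, minor, fix, letter, prerelease = m.groups()
    if prerelease:
        return "unrecognized"        # pre-release builds are not covered by the range given here
    if (int(major), int(minor), int(fix)) != (1, 0, 1):
        return "outside-range"       # 0.9.8, 1.0.0, and later branches
    # "" is the original 1.0.1 release; letters a through f are the affected patch releases.
    return "in-range" if letter <= "f" else "outside-range"


def triage(inventory):
    """Map {host: banner} to the hosts that need follow-up, with the reason."""
    follow_up = {}
    for host, banner in sorted(inventory.items()):
        status = heartbleed_status(banner)
        if status == "in-range":
            follow_up[host] = "version in affected range: confirm patch level, fix, then re-key"
        elif status == "unrecognized":
            follow_up[host] = "could not classify: check by hand"
    return follow_up


# Constructed inventory: sample host names and banners, not real systems.
SAMPLE_INVENTORY = {
    "web01.example.com": "OpenSSL 1.0.1e 11 Feb 2013",
    "web02.example.com": "OpenSSL 1.0.1g 7 Apr 2014",
    "mail.example.com": "OpenSSL 0.9.8y 5 Feb 2013",
    "test.example.com": "OpenSSL 1.0.2-beta1 24 Feb 2014",
}

if __name__ == "__main__":
    for host, reason in triage(SAMPLE_INVENTORY).items():
        print(host, "->", reason)
    # The OpenSSL build this Python interpreter is linked against.
    print("this interpreter:", ssl.OPENSSL_VERSION, "->",
          heartbleed_status(ssl.OPENSSL_VERSION))
```

An in-range result is a prompt to check the package's patch level rather than proof of exposure, because Linux distributions commonly ship the fix in a patched package that keeps the old version string.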

Does this affect me?

There is a good chance that the answer to this question is YES.  This is a very serious bug that has been exploitable for over two years, so put this in the “better safe than sorry” category.  The better websites out there will be alerting their users about this issue, but don’t trust them to be proactive.  Take the following steps yourself to ensure your protection.

  1. Test the website.  Go here for a free test.  Test your online banking website, your credit card website, your online dating site, anything where you have to put in a username and password and where you keep important information.
  2. If it is vulnerable, don’t log in.  Wait until they have fixed the problem.  Keep an eye on their blog or Twitter feeds for updates.  Or call them and ask.
  3. Once they have fixed the problem, change your password.  See our article on what makes a good password, and how to create strong passwords that are easy to remember.  If you have used this password anywhere else, change it everywhere.  Consider it compromised.
  4. Think about other services that use encryption, not just websites, such as email and instant messaging. All of these use SSL encryption and it is not as easy to test those on your own.  Call your vendors and ask if this bug has affected them.  I have already contacted our hosted Exchange provider and confirmed they are not susceptible to this, nor should most Exchange providers be.  But if you use POP or IMAP email, strongly consider contacting your email provider and confirming.

Check back soon

We will be keeping a close eye on this over the next few days and updating this blog post with any new information.  Please check back for updates.  If you are concerned about something and are not sure what to do, contact us or leave a comment below and we will respond promptly.

UPDATE – APR 10: Here is another good site to check if a site is now, or was previously, vulnerable to this.  And if you don’t have the time or inclination to do the work for yourself, check out this site, which has a list of the most popular sites on the web and whether they were vulnerable.

UPDATE – APR 10: According to ZDNet, Google, Amazon Web Services, and CenturyLink were all susceptible to this bug.  There is also some evidence that this bug was actually used and exploited several months ago, before it was known about publicly.  Security researchers are calling this an 11 on a scale of 1-10.  I don’t want to cry wolf here and tell you that everything you have done in the last two years is in the public domain now; I’m quite certain that’s not the case.  But do change your passwords everywhere.  You know you should be doing it anyway.  There is no better time or excuse than this.

All You Need to Know About Data Recovery and Computer Backups

“Computer backups are important.”  This is so obvious and well known that it’s almost not worth writing.  But I would like to shift the conversation here, because data recovery is actually what you should be worried about.

The question people are always asking is, “How should I be backing up my data?”  This is misguided.  The question they should be asking is: “If I need to restore my data, how will it work out?”  No one, aside from us techies, cares about data backups and the intricacies of how it all works.  Everyone cares about how difficult it will get to restore their data once they need it.  We will continue to use the term “backups,” but keep in mind that it is the data recovery you really care about.

The three things you need to know about backups are:

1. What is the backup type, and how will that affect my restores?
2. Where is the backup stored, and how will that affect my restores?
3. What sort of data loss are you planning for?

Backup Types

There are two methods of backing up data today; each has its advantages and disadvantages:

  1. File-based data backups – File recovery is what comes to mind when most people think about backups.  When a file is created or modified, that whole file is backed up.  Storing these files tends to take up less room than image-based backups.  It is easier to see the files that are backed up, and usually easier to restore them.  This method cannot back up the operating system or any programs – only data. If you would store something in your My Documents folder, this will back it up.
  2. Image-based data backups – In this case, the word image is not a synonym for a picture or visual image, so forget that analogy.  Instead of backing up individual files, this backup method takes a snapshot of the entire computer all at once.  This takes up much more space than file-based backups, but subsequent backups are much smaller.  The initial backup would be the size of the whole computer.  After that, if you changed one letter in a Word document, it would only need to back up that single letter and its location on the drive, not the whole file.

How do these differences affect your data recovery?  File-based backups are easier to restore for non-technicians.  File-based backups may be faster to restore, and they are often less expensive.

Image-based backups allow you to restore the entire system, exactly as it was at the time of the backup.  With a file-based restore, you would need to reinstall Windows, then all of the programs, then restore the files that were backed up.  This makes image-based backups superior for computer Disaster Recovery.

Backup Storage For Disasters and Data Recovery

Where your backups are stored can matter a great deal for your Time To Data Recovery, as well as your resiliency against disaster.  Here are your options for location of backup storage:

  1. In the office – Restores will be fastest if the backups are stored onsite in the office.  However, your backups will likely suffer the same fate as your server in the event of a fire or flood so they aren’t very safe here.
  2. Locally but offsite – Storing the backups at an employee’s house provides more protection against disaster.  However, most employees live near the office, and natural disasters that strike the office will likely affect a nearby home as well.  This is great protection against a building fire or sprinkler flood, but not as much for natural disasters.  Time To Restore goes up by the amount of time it takes to drive to the employee’s house and back, but restores are still quite fast once the backups are back in the office.
  3. In the cloud – This is the safest place to store backups because all cloud providers worth their salt will have mirrored data centers in multiple locations across the country.  This protects you against natural disaster. It also makes it easy to restore files to any location, including temporary office space if something happens to yours.  However, this is the slowest method of data restoration.  Downloading 100 GB of data would take 24 hours on a 10 Mbps cable internet connection, but only 20 minutes on a fast local network.  If you are shopping for a cloud backup vendor, make sure they will next-day ship you a hard drive with your data on it in the event of an emergency.
  4. Local-Cloud hybrid – This is the best of both worlds.  You back up all of your data to, and restore from, a drive in your office, which is very fast and efficient.  Then that data gets synchronized to the cloud for computer disaster protection and safe storage.

If you are going to store your data backups onsite, also keep in mind your storage media.  Technology changes rapidly and may change while you are still using the old thing.  10-year-old hard drives won’t work in today’s computers.  Do you need to keep data for that long?  Magnetic tapes are the best way to guarantee decades of data archiving, but will your new server be able to run that old tape drive?  If you are using CDs or DVDs, will they warp in the heat?  Hybrid and cloud solutions bypass this media conundrum nicely.

You don’t care about backing up your data; you only care about restoring your data.

File Restore or Disaster Recovery? – When deciding on your backup solution, ask yourself what its purpose is.  Backups serve two functions: restoring the occasional lost or overwritten file, and rebuilding everything when an emergency wipes it out. Basic backups are usually sufficient for individuals and home use.  Businesses, however, want to think more along the lines of Disaster Recovery.  If you only care about restoring the odd file every now and then, basic file-based backups in the cloud are sufficient.  If you are preparing for an eventual disaster, file-based backups may be insufficient.

What is your “time to recovery objective”?  How much downtime can your company accept if the sprinklers go off and the server room floods?  If several days of downtime is fine for data recovery, then file-based backups are sufficient and you can go about re-building your server from scratch.  If you need to be back up and running business as usual in hours or one day at most, then you will need image-based backups.

We offer a product to our clients that includes the best of all of these options.  It is a device that sits locally on your network for fast backups and data recovery.  It synchronizes with the cloud for safe storage and protection against disaster.  It does image-based data backups for getting the business back up and running quickly.  And it has the capability of mimicking your server if your server goes down, so you can continue going about business as usual even while your server is lying in a smoking heap in the corner.  Please contact us today if you are interested in learning more.

If you still have questions about backups, please visit our Contact page, or leave a comment below and we’d be happy to respond.

Cryptolocker – The Most Dangerous Virus in 10 Years

UPDATE: See the bottom of the article for information on a new decryption tool.

“The Most Dangerous Virus in 10 Years.”  That is a very ominous title.  But thinking back, the last time we saw a virus this destructive was in 2000 (the I Love You virus), so it actually may be a bit of an understatement.  That virus spread by email and deleted Word document and image files.  This one, the Cryptolocker Virus, has more ways to spread, and while it doesn’t delete anything, it encrypts your files and holds them for ransom.

How do people get infected?
Cryptolocker first surfaced in September 2013 and spread so quickly that by November it was infecting more than 12,000 computers per week, according to BitDefender labs.  The most common method of infection is via attachments in emails, but it has been known to infect people through browser vulnerabilities, Java vulnerabilities, or through other viruses that then download this one.

What does it do?
Once on your computer the virus will generate an encryption code.  With this code, or “key,” Cryptolocker will encrypt all Word documents it finds on your computer, as well as Excel documents, PDF files, and many others.  It also encrypts backup files and Shadow Copy files, in case you were thinking of fixing this by restoring from backup.  Then it sends the encryption key to the people who wrote the virus and places a big warning message on your screen to let you know you have been hacked, and instructions on how to get your data back.  Typically there is a limited amount of time to do this before the files are locked forever.

What can I do once I’m infected?
Without the encryption key, the only way to decrypt your files is with a supercomputer and a lot of time (years).  You have two options at this point:

  1. Restore from backup.  See the section below about how to do good backups.  Once you have this virus, you will need to clean your computer of it.  Most antivirus programs will be able to find it.  Click here for a free program that will find and clean it for you.  Once your computer is clean, then you can restore your lost files from backup.
  2. Pay the ransom.  The initial ransom can be up to $500.  After the time expires, they sometimes offer you a last chance, but by this time the price has jumped to $8000-$9000.  While we usually would recommend against this option because you don’t know if you can trust them to give the data back, this seems to be a viable option.  By one estimate, infected users that needed their data back paid the virus authors nearly $400,000 in the first 100 days after its release.  The FBI even recommended that a Massachusetts police department pay the ransom, because without proper backups there is simply nothing else to be done.

What can I do to protect myself?
Like any disaster preparation, you can do things to help prevent trouble from happening, and you can prepare for recovering once it does strike.

  1. The first thing to do is to get a good antivirus program.  We are currently recommending Kaspersky to our clients because they rank very well in AV comparison tests year after year, but most modern antivirus programs will keep you safe.  Click here for a list of antivirus products available, and how they compare to each other.
  2. Be careful of email attachments.  Email attachments are the primary way this virus spreads.  Run your email through a spam and virus filter.  If you are not expecting an attachment from someone, don’t open it.  If you see the attachment with two file extensions, such as “filename.pdf.exe”, it is almost certainly a virus.  If you see an attachment with a .exe or .vbs extension, don’t open it.  (An extension is the final 3 letters of the file name, after the period.  Some computers are configured to hide these extensions, in which case you may only see one of the two extensions.)
  3. Take good backups.  Back up all of your Documents folder, Desktop, and any other folders where you store data.  Since this virus looks for backup files, your backups should be saved to a place other than on your computer.  An external USB drive is a good place for them (as long as it is not constantly plugged into the computer, or else it will be infected as well).  Cloud backups are great for keeping your data safe.  The virus may take a couple of days to fully lock down your computer.  This means if you overwrite your backups every day with new backups, you may be backing up infected files.  The best solution is to have a backup system that runs frequently and stores multiple revisions of the same file.
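The attachment rules from item 2 above (two file extensions such as “filename.pdf.exe”, or a .exe or .vbs extension) are the kind of check a mail filter applies to every message. This is an added example, not code from the original article; the list of document extensions, the function names, and the sample messages are assumptions made for the illustration.

```python
import os
from email.message import EmailMessage

# Extensions the article says not to open. A production filter carries a longer list.
EXECUTABLE_EXTS = {".exe", ".vbs"}
# Assumed list of harmless-looking extensions used to disguise an executable.
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".txt"}


def classify_filename(filename):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Windows drops trailing dots and spaces when a file is saved, so
    # "notes.vbs. " lands on disk as "notes.vbs"; normalise before checking.
    name = filename.strip().rstrip(". ").lower()
    stem, last = os.path.splitext(name)
    inner = os.path.splitext(stem)[1]
    if last in EXECUTABLE_EXTS:
        # "filename.pdf.exe": with extensions hidden, the user sees "filename.pdf".
        return "double-extension" if inner in DOCUMENT_EXTS else "executable"
    return "ok"


def screen_message(msg):
    """Return [(filename, verdict)] for every attachment that should be blocked."""
    findings = []
    for part in msg.iter_attachments():
        filename = part.get_filename() or ""
        verdict = classify_filename(filename)
        if verdict != "ok":
            findings.append((filename, verdict))
    return findings


def build_sample(subject, attachment_names):
    """Build a constructed test message; addresses and payload are placeholders."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = subject
    msg.set_content("See attached.")
    for name in attachment_names:
        msg.add_attachment(b"constructed placeholder bytes",
                           maintype="application", subtype="octet-stream",
                           filename=name)
    return msg


if __name__ == "__main__":
    sample = build_sample("Your invoice",
                          ["report.pdf", "Invoice_2013.pdf.exe", "macro.vbs"])
    for filename, verdict in screen_message(sample):
        print("BLOCK", filename, "(" + verdict + ")")
```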

The good news is this virus is not very infectious.  It takes a while to fully infect a computer, and it is more concerned with encrypting your files than spreading to other computers.  It is also fairly simple to clean with standard virus removal techniques.  If you have antivirus and a solid backup solution in place, you have made good progress in protecting yourself.

The bad news is that many people think their virus protection is active and up to date when it isn’t.  And they think their backups are set up and running correctly, but they aren’t.  Check the computers in your home and office and make sure they are following the steps laid out in this article.  And if you want to know more about backups and what your options are, check back next month for our backup article.
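Why a backup that overwrites itself every day fails against this virus, and why storing multiple revisions of the same file does not, can be shown with a small file-based backup routine. This is an added example, not code from the original article; the file names, the revision numbering scheme, and the stand-in for an encrypted file are assumptions made for the illustration.

```python
import glob
import hashlib
import shutil
import tempfile
from pathlib import Path

# Constructed stand-in for a document after the virus has encrypted it.
SCRAMBLED = bytes(range(16))


def list_revisions(name, backup_dir):
    """Stored revisions of `name`, oldest first (files named <name>.000001, ...)."""
    pattern = glob.escape(name) + "." + "[0-9]" * 6
    return sorted(Path(backup_dir).glob(pattern))


def _sha256(path):
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()


def backup_revision(source, backup_dir, keep=5):
    """Store a new revision of `source` if its content changed; keep the newest `keep`."""
    if keep < 1:
        raise ValueError("keep must be at least 1")
    source, backup_dir = Path(source), Path(backup_dir)
    backup_dir.mkdir(parents=True, exist_ok=True)
    revisions = list_revisions(source.name, backup_dir)
    if revisions and _sha256(revisions[-1]) == _sha256(source):
        return revisions[-1]                    # unchanged since the last run
    number = int(revisions[-1].suffix[1:]) + 1 if revisions else 1
    target = backup_dir / f"{source.name}.{number:06d}"
    shutil.copy2(source, target)
    # Prune the oldest revisions beyond the retention count.
    for stale in list_revisions(source.name, backup_dir)[:-keep]:
        stale.unlink()
    return target


def simulate(keep):
    """Back up a file three times, the last time after it has been scrambled.

    Returns the contents of every revision still held, oldest first.
    """
    with tempfile.TemporaryDirectory() as tmp:
        doc = Path(tmp) / "budget.txt"
        store = Path(tmp) / "backups"
        for content in (b"Q3 budget draft", b"Q3 budget final", SCRAMBLED):
            doc.write_bytes(content)
            backup_revision(doc, store, keep=keep)
        return [rev.read_bytes() for rev in list_revisions(doc.name, store)]


if __name__ == "__main__":
    print("overwrite daily (keep=1):", simulate(1))   # only the scrambled copy is left
    print("five revisions (keep=5): ", simulate(5))   # the good copies are still there
```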

Have you had an experience with Cryptolocker?  Or do you have any questions we didn’t answer in the article?  We would love to hear about it in our comments section below.

UPDATE – Aug 9, 2014: FireEye and Fox-IT security companies have teamed up and developed a decryption tool for Cryptolocker!  You upload your email address and a sample encrypted file (without any personal information), and they will email you back a decryption key and a link to a recovery program.  I have not used the tool yet, but the “word on the street” is that it works quite well.  The decryption tool is located at https://www.decryptcryptolocker.com (August, 2017: link has been since removed, as it is no longer working).

The Death of Windows XP and Office 2003

It is an ominous title, but very important.  According to a recent survey, more than a quarter of all the computers out there are still running Windows XP.  That is more than everyone running Mac, Linux, Windows Vista, and Windows 8 combined.  Microsoft released Windows XP in 2001, then they skipped a release in their normal cycle, and then released Vista which nobody liked.  So most of us have had over a decade on this one operating system, but the party is coming to an end.  Microsoft is discontinuing support for Windows XP, among other products, in April.

April 8, 2014 is the End of Life date for Windows XP

Microsoft has a predefined product lifecycle for its software.  When they release a product to the public, they already know when the end-of-sale date will be, when the end of Mainstream Support will be, and when the end of Extended Support will be.  In general, most products will be supported for 5-10 years.

Which brings us back to our eulogy today.  On April 8, 2014, the Extended Support period will expire for Windows XP, Office 2003, and Exchange 2003.  Server 2003 has another year and will reach end-of-life on July 15, 2015.  You can actually continue using these products as long as you like; they will not stop working in April, but MS will stop fixing bugs.  And hackers will continue finding bugs.

Find out more about Microsoft’s support lifecycle: The rules are a bit complex, but in general, they will fully support a product for 5 years in what they call their “mainstream support” period. Then, for business and development (i.e. programming) products, they offer an additional 5 years of “extended support.” These are the times in which you can call up Microsoft on the phone, get their tech support on the line, and they will fix your problems (for a fee).

This is also the period in which they release service packs, patches, and security updates. Every month (sometimes more often), Microsoft releases updates to all of its products that fix bugs that have been found. These get pushed to everyone’s computers through Windows Update. Your computer should be doing this automatically. (If it is not, call us and we can discuss why it is important.) After the end of the Extended Support period, Microsoft stops releasing these fixes.

So what do you do now?  Don’t panic yet.  First, you have a full quarter until we reach that date.  Second, like we mentioned already, Windows will not stop working come April 8, they will just stop releasing security patches and bug fixes for it.  So here are a few suggestions to help you prepare for this:

  1. Look through your network and identify which computers have Windows XP, which computers have Office 2003, and if any servers are running Exchange 2003 email server.  Your IT vendor should be able to provide a report on this info in just a couple minutes.
  2. Office can often be upgraded.  Computers with Windows XP should be replaced, not upgraded.  For help in choosing new computers, read this article.  Exchange 2003 should not be upgraded; either replace with a new server or choose a different email solution (like Hosted Exchange).
  3. With all this information at hand, review your IT budget.  If it needs to be updated in light of your results, meet with your IT vendor and revise accordingly.  If you do not have an IT budget yet, read this article for information on how to create one.

Do you still have Windows XP running in your office?  Are you concerned about how to deal with this information?  Is your office already up to date and you feel safer now that you know you will be in support for the next several years?  Tell us what you think and how your company has dealt with this situation.

 

References:
Microsoft’s lifecycle policy
Microsoft’s lifecycle product index
Net Market Share’s operating system distribution